A Simple Data Breach Guide (Interpreting GDPR)

Perhaps it’s too melodramatic to claim that the debate over how to define a data breach “rages on” because we haven’t seen bodies flying out of windows yet, but it is a serious question with genuine financial ramifications now that the General Data Protection Regulation (GDPR) and its accompanying fines for mishandling data have arrived to save (and sometimes confuse) the day.


The Latest Techniques Hackers are Using to Compromise Office 365

It was only a few years back that cloud technology was in its infancy and used only by tech-savvy, forward-thinking organisations. Today, it is commonplace. More businesses than ever are making use of cloud services in one form or another. And recent statistics suggest that cloud adoption has reached 88 percent. It seems that businesses now rely on the technology for day-to-day operations.


Meet the Hacker: Inti De Ceukelaire - "While everyone is looking for XSS I am just reading the docs."

Inti was recently speaking at Detectify Hacker School, an event for customers where we have hacker talks and user cases presented to the audience. Afterwards our security researcher, Linus Särud, sat down with him for a hacker-to-hacker interview discussing how he got into bug bounty, his unconventional bug hunting ways and his take on why the European market is an ocean of opportunity for bug bounty hunters.


3 enemies - the $96B in cyber crime that nobody wants to talk about

They say that bad things always come in threes. The adage may testify to little but the popularity of superstition, but for security executives today, this notion regrettably passes muster. Crime, complexity and cost are three foes that every CISO must face, and while most companies think crime is the enemy, in many cases it is the latter two heads of this “cyber-cerberus” that deliver the most certain bite.


1.1b Identities Exposed in India, and It’s Not a Hack

India has a government ID database known as Aadhaar. It contains personal information on over 1.1 billion of their citizens and includes information that can be easily used for identity theft. This database is used by many government agencies to verify citizens when opening a bank account, buying a SIM card, applying for financial aid, signing up for utilities like electricity and water and more.


Hackers aren’t confined to cyberspace anymore

Like many things in life, hackers are victims (and I use the word loosely) of stereotyping. You won’t find much stock imagery depicting hackers that doesn’t involve a hoodie, a dimly-lit room and several monitors full of scrolling binary text. And whilst that’s definitely sometimes true, it also makes several assumptions about hackers in general, which is at best misleading and at worst leaves you wide open to attack.

How Can You Protect Your Company From Hackers?

According to a Clark School Study at the University of Maryland, there is a cyber-attack every 39 seconds on average. If you are running a small business, you have more reason for concern as further studies reveal that 43 percent of hacker attacks target small businesses. With such alarming cybersecurity stats, it is vital for you to learn how you can protect your company from bad actors.

What are the different types of XSS?

Cross-site scripting (XSS) is a common vulnerability that is exploited when an attacker injects malicious JavaScript into a website, which then targets the website’s visitors. By doing so, the attacker may gain access to users’ cookies and sensitive user information, and may view and/or manipulate the content that is shown to the user. This is not another article explaining what XSS is, why it is a security issue and how to fix it because we have already covered that.


Meet the Hacker: EdOverflow, motivated by community and knowledge sharing

EdOverflow is known for contributing a bunch of stuff: active in the community, one of the people behind security.txt – a standard for structuring responsible disclosures, bug bounty hunter and a member of Detectify Crowdsource. We got a chance to quiz him about security.txt, his motivations for being involved with hacking communities and why he chooses to report to responsible disclosure programs without bounty rewards.


The Hacker’s Economy

80% of all human endeavour is committed to making money, with the remaining 20% spent finding interesting ways to spend it. These are figures that I’ve just made up, but I said it in the Bulletproof office, and everyone nodded, which either means it speaks a certain truth or, once again, everyone is doing their best to ignore me. With this in mind, it’s fair to say people tend not to put a lot of effort into something unless they know they’re going to be financially rewarded for it.